Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://unless.com https://*.unless.com https://beamanalytics.b-cdn.net https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://unless.com https://*.unless.com https://fonts.googleapis.com; connect-src 'self' https://unless.com https://*.unless.com wss://*.unless.com https://*.beamanalytics.io https://*.algolianet.com https://*.algolia.net; font-src 'self' https://unless.com https://*.unless.com https://fonts.gstatic.com; frame-src 'self' https://unless.com https://*.unless.com https://calendar.google.com https://www.youtube.com https://www.youtube-nocookie.com; img-src 'self' data: https://unless.com https://*.unless.com https://images.ctfassets.net https://i.ytimg.com; object-src 'none'; base-uri 'none';